<?php 
define('LEVERSION','v2');
require_once('include/config.php');
require_once('include/core/leApp.php');


$act = __get('act');
if ($act == 'login') {
    
	$login_status = 0;
	$username = __post('adminUserName');
	$password = __post('adminPassWord');
	$vcode    = __post('adminCode');
	$remember = __post('remember');
	
	// 用户名密码不能为空
	if (empty($username) or empty($password) or empty($vcode)) {
		__alert('用户名、密码、验证码不能为空');
	}
	// 验证码检测
	if ($vcode != $_SESSION["lebang_vcode"] or $_SESSION["lebang_vcode"] == '' ) {
		$_SESSION["lebang_vcode"] = '';
		__alert('验证码有误，请点击更换验证码');
	}
	// 用户名有误
	$pre_username = preg_replace("/[^A-za-z0-9]/", "", $username);
	if ($username != $pre_username) {
		__alert('用户名由"字母\数字\下划线"组成，请检查输入');
	}
	
	
	// ---------------------------------- 用户登陆 -------------------------------------
	$where['admin_name'] = $username;
	$admin = @__select('system_admin', $where);
	if (!empty($admin)) {
		$admin_lock = $admin[0]['admin_lock'];
		$check_passowrd = md5($password.$admin_lock);
		if ($check_passowrd == $admin[0]['admin_password']) {
		    
			// 更新登陆信息
			$data['admin_lasttime'] = time();
			$data['admin_hits'] = $admin[0]['admin_hits'] + 1;
			$where['admin_name'] = $username;
			$where['admin_password'] = $check_passowrd;
			@__update('system_admin', $data, $where);

			// 设置COOKIE
			if ($remember) {
                setcookie("username", $username, time()+3600000);
			}
			
			// 保存SESSION
			$_SESSION["admin_info"] = $admin[0];

		} else {
			$login_status = 2;
		}
	} else {
	    $login_status = 1;
	}
	// ---------------------------------- /用户登陆 -------------------------------------
	
	
	if ($login_status == 0) {
		header("location:system/index.php");
		exit();
	} else {
		$_SESSION["lebang_vcode"] = '';
		__alert('用户名或密码有误'.$check_passowrd.'='.$admin[0]['admin_password']);
	}
	exit;
}


?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>信息管理系统 - 用户登录</title>
<link rel="stylesheet" type="text/css" href="static/css/login.css" />
<script src="static/js/form.js" type="text/javascript"></script>
<script src="static/js/login.js" type="text/javascript"></script>
</head>

<body>
<div class="login_div">
<div class="top"><img src="static/images/login_title.jpg" width="217" height="33" style="margin:10px 0 0 20px;" /></div><!-- END top -->

<div class="middle">
	<form action="admin.php?act=login" method="post" name="myform" onsubmit="return login_check(this)">
	<div><input name="adminUserName" type="text" class="uname" id="adminUserName" onfocus="upbg(this);if(value=='用户名')value='';" onblur="upbg(this)" value="<?php if(isset($_COOKIE["re_username"])){echo $_COOKIE["re_username"];}else{echo '用户名';}?>" maxlength="20" onkeyup="value=value.replace(/[^\w\.\/]/ig,'')" /></div>
	<div><input name="adminPassWord" type="password" class="upswd" id="adminPassWord" value="" maxlength="30" onkeyup="value=value.replace(/[^\w\.\/]/ig,'')" /></div>
	<div><table cellpadding="0" cellspacing="0" border="0">
	<tr><td><input name="adminCode" type="text" class="ucode" id="code" onfocus="upbg(this);if(value=='验证码')value='';" onblur="upbg(this)" value="验证码" maxlength="4" onkeyup="value=value.replace(/[^\w\.\/]/ig,'')" /></td>
	<td valign="top"><img class="captcha" src="api/captcha.php" width="80" height="39" border="0" onClick="this.src=this.src+'?tm='+Math.random();" style="vertical-align:inherit;margin-left:1px;cursor:pointer;"  alt="看不清？点击更换"/></td></tr></table></div>
	<div class="name_on">
		<span class="left"><input name="remember" type="checkbox" id="remember" value="1" <?php if ($_COOKIE["username"]) echo 'checked="checked"'; ?> class="styled" />记住帐号</span>
		<span class="right"><a href="#" title="联系我们找回密码，热线电话：0571-89937200">&nbsp;</a></span>
	</div>
	<div><input type="submit" name="button" id="button" class="loginan" value="" /></div>
	<div id="login_msg"></div>
	</form>
</div><!-- END middle -->

<div class="bottom"></div><!-- END bottom -->
</div>

</body>
</html>
</html>